Decryption problem
Werner Koch
wk@gnupg.org
Wed, 15 Sep 1999 09:10:15 +0200
Johan Wevers <johanw@vulcan.xs4all.nl> writes:
> No, for real (non-commercial) use. And I don't care that it is patented.
> I use IDEA (and RSA, but I'm outside the US) with 2.x anyway.
Don't let Ascom know this. They even require license fees when IDEA
is used by charities.
> I'm not using it for encryption, but I reasoned that it wouldn't hurt to be
> able to decrypt messages encrypted with Skipjack.
There is a reason for displaying the message
"Experimental algorithms should not be used":
the identifiers used to describe the algorithms are not standard and
there will be interoperability problems with other implementations or
versions of the software.
> BTW, I'm trying to make an RC5 module myself to see if I really understand
IIRC, RC5 is patented ;-)
> the code. I'm only confused what to do with the fact that my RC5 example
> code gets pointers to 32 bits quantities and the gpg code needs byte*'s, but
> I guess this subject is more appropriate for the developer list.
Most ciphers operate on full words. Have a look at the other ciphers
or hash functions to see how to convert words into an octet string.
> 2.x compatibility is required since some of my correspondents use 2.x
> versions and I don't want to force them to upgrade. However I consider
> changing to a pgp 5 compatible key because the MD5 algorithm is not really
> considered safe anymore. Being compatible when just using conventional
That is simply not true. There is evidence that in the near future
the calculation of collisions may be done on a regular basis and
therefore you should not use it in a DL signature algorithm, because
this could compromise your secret key.
One solution for the PGP 2 compatibility is to tweak PGP 2 to use CAST5
instead of IDEA: You have only to change the idea_xxx functions to
use CAST5 instead (very easy as the key and block size is the same as
IDEA - in contrast to 3DES) and change the algorithm identifiers from
1 (IDEA) to 3 (CAST5). If you have such a PGP 2 you can still use
your RSA keys; there is no need to worry about the IDEA patent. Of
course you will not be able to decrypt IDEA messages - a header line
telling about this special PGP 2 version could help.
IMHO, such a patched version of pgp 2.6.3 makes sense and is not too
much work. You might want to call it pgpcast5 or something like this.
--
Werner Koch at guug.de www.gnupg.org keyid 621CC013
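The word/octet conversion Werner points Johan to, worked out as an added example that is not code from this thread, from GnuPG or from any RC5 module of Johan's: an RC5-32/12/16 block encrypt/decrypt in C whose public interface takes byte pointers (as the gpg cipher glue requires) and converts to 32-bit words internally. Function and type names are my own; the only external facts assumed are Rivest's published RC5 algorithm, its little-endian byte loading, and the first published RC5-32/12/16 test vector (all-zero key and block). As the reply notes, RC5 was patented at the time; the US patent expired in 2015.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* RC5-32/12/16 parameters: 32-bit words, 12 rounds, 16-byte key. */
#define RC5_ROUNDS 12
#define RC5_T      (2 * (RC5_ROUNDS + 1))   /* expanded key words */
#define RC5_P32    0xB7E15163u
#define RC5_Q32    0x9E3779B9u

typedef struct { uint32_t S[RC5_T]; } rc5_ctx;   /* name is my own */

/* The glue the thread asks about: the caller hands over byte strings, the
 * cipher core wants full words.  RC5's reference code loads little-endian;
 * CAST5 (RFC 2144) and most other block ciphers load big-endian, so this
 * pair of functions is where on-the-wire compatibility is decided. */
static uint32_t load_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void store_le32(uint8_t *p, uint32_t w)
{
    p[0] = (uint8_t)w;         p[1] = (uint8_t)(w >> 8);
    p[2] = (uint8_t)(w >> 16); p[3] = (uint8_t)(w >> 24);
}

/* Data-dependent rotations: RC5 uses only the low 5 bits of the count,
 * and masking also avoids the undefined shift by 32. */
static uint32_t rotl32(uint32_t x, uint32_t n)
{
    n &= 31;
    return n ? (x << n) | (x >> (32 - n)) : x;
}

static uint32_t rotr32(uint32_t x, uint32_t n)
{
    n &= 31;
    return n ? (x >> n) | (x << (32 - n)) : x;
}

/* Key expansion: key bytes -> L[] words, fill S[] with P and Q, then mix.
 * Returns 0 on success, -1 if the key is longer than RC5 allows. */
int rc5_setkey(rc5_ctx *ctx, const uint8_t *key, size_t keylen)
{
    uint32_t L[64] = {0};
    size_t c, i, j, k, iters;
    uint32_t A = 0, B = 0;

    if (keylen > 255)
        return -1;
    c = keylen ? (keylen + 3) / 4 : 1;
    for (i = keylen; i-- > 0; )                 /* little-endian pack */
        L[i / 4] = (L[i / 4] << 8) + key[i];
    ctx->S[0] = RC5_P32;
    for (i = 1; i < RC5_T; i++)
        ctx->S[i] = ctx->S[i - 1] + RC5_Q32;
    iters = 3 * (RC5_T > c ? RC5_T : c);
    for (i = j = k = 0; k < iters; k++) {
        A = ctx->S[i] = rotl32(ctx->S[i] + A + B, 3);
        B = L[j]      = rotl32(L[j] + A + B, A + B);
        i = (i + 1) % RC5_T;
        j = (j + 1) % c;
    }
    return 0;
}

/* Byte-oriented block interface: 8 octets in, 8 octets out. */
void rc5_encrypt_block(const rc5_ctx *ctx, uint8_t out[8], const uint8_t in[8])
{
    uint32_t A = load_le32(in) + ctx->S[0];
    uint32_t B = load_le32(in + 4) + ctx->S[1];
    int r;
    for (r = 1; r <= RC5_ROUNDS; r++) {
        A = rotl32(A ^ B, B) + ctx->S[2 * r];
        B = rotl32(B ^ A, A) + ctx->S[2 * r + 1];
    }
    store_le32(out, A);
    store_le32(out + 4, B);
}

void rc5_decrypt_block(const rc5_ctx *ctx, uint8_t out[8], const uint8_t in[8])
{
    uint32_t A = load_le32(in), B = load_le32(in + 4);
    int r;
    for (r = RC5_ROUNDS; r >= 1; r--) {
        B = rotr32(B - ctx->S[2 * r + 1], A) ^ A;
        A = rotr32(A - ctx->S[2 * r], B) ^ B;
    }
    store_le32(out, A - ctx->S[0]);
    store_le32(out + 4, B - ctx->S[1]);
}

/* Published RC5-32/12/16 vector: all-zero key and block encrypt to
 * 21 a5 db ee 15 4b 8f 6d.  Returns 1 if this implementation agrees. */
int rc5_zero_vector_ok(void)
{
    static const uint8_t zero[16] = {0};
    static const uint8_t expect[8] = {0x21,0xa5,0xdb,0xee,0x15,0x4b,0x8f,0x6d};
    uint8_t ct[8], pt[8];
    rc5_ctx ctx;
    if (rc5_setkey(&ctx, zero, 16) != 0) return 0;
    rc5_encrypt_block(&ctx, ct, zero);
    if (memcmp(ct, expect, 8) != 0) return 0;
    rc5_decrypt_block(&ctx, pt, ct);
    return memcmp(pt, zero, 8) == 0;
}

/* Round trip under a constructed (non-secret, illustrative) key. */
int rc5_roundtrip_ok(void)
{
    static const uint8_t key[16] = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
    static const uint8_t pt[8]   = {'g','n','u','p','g','1','.','0'};
    uint8_t ct[8], back[8];
    rc5_ctx ctx;
    if (rc5_setkey(&ctx, key, 16) != 0) return 0;
    rc5_encrypt_block(&ctx, ct, pt);
    if (memcmp(ct, pt, 8) == 0) return 0;
    rc5_decrypt_block(&ctx, back, ct);
    return memcmp(back, pt, 8) == 0;
}
```

Only `load_le32`/`store_le32` touch the byte pointers; everything between them works on `uint32_t`, which is the split Werner describes. Swapping those two helpers for big-endian versions would produce a cipher that still round-trips with itself but no longer matches any other RC5 implementation, which is exactly the kind of silent incompatibility the "experimental algorithms" warning is about.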